What you need to know about open ports to protect your business
- 10 months ago
- 2 min read
The ports we are discussing in this post are virtual (software based) places where network connections start and end. All communication that happens over the internet is exchanged via ports.
Ports were invented to reroute different processes. For example, surfing the web always uses port 80 and port 443, port 25 is used for sending emails. Currently, there are 65,535 ports. They make network connections efficient because they let your computer know what to do with the data.
Cyber criminals can exploit open ports to gain access by sending malicious traffic through them with the intention to take control or steal sensitive information. This is sometimes compared to a thief that checks every door of a house to see if one hasn’t been locked. Out of the more than 60,000 ports only a few that are actively used should be kept open.
Closing ports is like shutting the door on cyber criminals, so it’s important to regularly monitor and evaluate your website’s open ports.
We do port scans for our clients with the intention to improve security. We check ports that are commonly used in popular applications like MySQL, PostgreSQL or Remote Desktop. From that data we can see that the majority of sites (61%) have fewer than six open ports. However, the data also suggests that there are around 2.4 million domains worldwide that have more than 80 open ports. Among these, 23% are business or eCommerce sites.
What can you do to protect open ports? One way to address this is by implementing firewalls. These can be either software, like a program you install on your computer, or hardware. Next, you should determine how many ports you have open and whether all of these need to be open. Closing ports is like shutting the door on cyber criminals, so it’s important to regularly monitor and evaluate your website’s open ports.
Domain registrars and registries could also use this kind of data to prevent security breaks and hacks into their users' websites by checking and warning their clients if a firewall isn't configured right and to inform them of the number of open ports.